Top Tips to Keep Your Data Secure
Recently Beta News published an article on how, The practical guide to fighting ransomware. The article listed several tips, timelines for implementation, and explanations why the tips were important. A vast majority of the information throughout the article was correct and indisputably great advice. However, a few tips warranted additional insight.
Keep the operating system, third-party applications and security solutions up-to-date.
This is critical. As seen with WannaCry and NotPetya, malware variants have the ability to creep in through operating software vulnerabilities. Countless attacks have been accessed through various applications, both on desktop and mobile devices. Also, if the security programs are not updated, they do not know the most updated threats to block. According to Beta News, this is a “Quick Win”, meaning it can be implemented in 1-3 months. Please understand, keeping these programs and systems updated is not going to take 1-3 months, but creating a plan to automate updates could.
Restrict administrative rights.
There have been countless malware attacks that failed to execute but the end user did not have administrative rights. It is one simple, yet effective security measure. From a company standpoint, it’s important to understand what employees have access to what, what their access levels are, and if all of the access rights are necessary to complete daily job functions. If a user needs admin rights, then leave them — but there may be areas they do not need access to. This could, in the event of a malware attack, mitigate the infection.
Implement multi-layer authentication.
Security breaches could leave passwords exposed. However, if an organization implements a multi-layer authentication approach the security of that organization’s data could remain secure. A multi-layer authentication approach is also highly recommended for remote access.
This may seem like common knowledge, but there are practices that will assist in the success of securing those backups. Best practice is to back up the data on an external device. For companies, this should be done every hour. For home users, daily would suffice. It is also important to unplug the external device when the backup process is complete. Often times, businesses and home users are unable to recover their data after a ransomware attack hits. Therefore, keeping updated backups secure on an external device has become imperative.
Implement an application whitelist approach.
This is also known as a default deny approach. While using an application whitelist, only trusted applications are allowed to execute. Everything else, including unknown programs are blocked until proven secure. This method has been proven to be the most effective in blocking today’s cyber threats — including ransomware. Beta News stated this approach could take 6-12 months to integrate. This is not always the case. With PC Matic, PC Matic Pro and PC Matic MSP, it can be done in the amount of time it takes to install the program. Once installed, the PC Matic malware research team maintains the whitelist, removing the burden from IT administrators.
To read all of the ransomware prevention tips provided by Beta News, click here.